News about linux, computer, computer science, mathematics and white hot chocolate, the most beautiful drink in this world.

Sunday, July 15, 2012

Safely storing passwords

A classic advice on the Internet is to have different passwords for different sites. The reason behind is that if someone manages to get your password for an application - webmail, facebook, linkedin or anything else - he may have a way to find some of your other applications. And if your password is shared, the attacker has access to them.
But, with that advice comes the hassle - rather the pain actually - to manage all these passwords, with certain sites that ask you to change your key from time to time.

The solution comes with a "keyring" or password manager: an application that will securely store your passwords and credentials, and that will allow you to access them whenever you need. Its characteristics need to be:

To use LastPass ****, you have to install a small piece on your computer and allow the device to access your database.

While the master database is stored online, each device gets a locally stored copy. That way, if you don't have an Internet connectivity or if the LastPass site is down, you still have some of your credentials available.

The con is actually that the master database is stored online: you have to trust that the security of the site and the master databases is adequate.

Password Safe
This is a little more than a spreadsheet, as you also need to install the application on all your devices. It has a few interesting features, such as generating passwords for you.

There are many, many more options available, certain commercials (ironkey, Kaspersky), others free.